feat(pitch-deck): passwordless investor auth, audit logs, snapshots & PWA (#2)
All checks were successful
CI / test-go-consent (push) Successful in 27s
CI / test-python-voice (push) Successful in 25s
CI / test-bqas (push) Successful in 27s
CI / Deploy (push) Successful in 6s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
All checks were successful
CI / test-go-consent (push) Successful in 27s
CI / test-python-voice (push) Successful in 25s
CI / test-bqas (push) Successful in 27s
CI / Deploy (push) Successful in 6s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
Adds investor-facing access controls, persistence, and PWA support to the pitch deck: - Passwordless magic-link auth (jose JWT + nodemailer SMTP) - Per-investor audit logging (logins, slide views, assumption changes, chat) - Financial model snapshot persistence (auto-save/restore per investor) - PWA support (manifest, service worker, offline caching, branded icons) - Safeguards: email watermark overlay, security headers, content protection, rate limiting, IP/new-IP detection, single active session per investor - Admin API: invite, list investors, revoke, query audit logs - pitch-deck service added to docker-compose.coolify.yml Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit was merged in pull request #2.
This commit is contained in:
42
pitch-deck/app/api/admin/audit-logs/route.ts
Normal file
42
pitch-deck/app/api/admin/audit-logs/route.ts
Normal file
@@ -0,0 +1,42 @@
|
||||
import { NextRequest, NextResponse } from 'next/server'
|
||||
import pool from '@/lib/db'
|
||||
import { validateAdminSecret } from '@/lib/auth'
|
||||
|
||||
export async function GET(request: NextRequest) {
|
||||
if (!validateAdminSecret(request)) {
|
||||
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
|
||||
}
|
||||
|
||||
const { searchParams } = new URL(request.url)
|
||||
const investorId = searchParams.get('investor_id')
|
||||
const action = searchParams.get('action')
|
||||
const limit = Math.min(parseInt(searchParams.get('limit') || '100'), 500)
|
||||
const offset = parseInt(searchParams.get('offset') || '0')
|
||||
|
||||
const conditions: string[] = []
|
||||
const params: unknown[] = []
|
||||
let paramIdx = 1
|
||||
|
||||
if (investorId) {
|
||||
conditions.push(`a.investor_id = $${paramIdx++}`)
|
||||
params.push(investorId)
|
||||
}
|
||||
if (action) {
|
||||
conditions.push(`a.action = $${paramIdx++}`)
|
||||
params.push(action)
|
||||
}
|
||||
|
||||
const where = conditions.length > 0 ? `WHERE ${conditions.join(' AND ')}` : ''
|
||||
|
||||
const { rows } = await pool.query(
|
||||
`SELECT a.*, i.email as investor_email, i.name as investor_name
|
||||
FROM pitch_audit_logs a
|
||||
LEFT JOIN pitch_investors i ON i.id = a.investor_id
|
||||
${where}
|
||||
ORDER BY a.created_at DESC
|
||||
LIMIT $${paramIdx++} OFFSET $${paramIdx++}`,
|
||||
[...params, limit, offset]
|
||||
)
|
||||
|
||||
return NextResponse.json({ logs: rows })
|
||||
}
|
||||
19
pitch-deck/app/api/admin/investors/route.ts
Normal file
19
pitch-deck/app/api/admin/investors/route.ts
Normal file
@@ -0,0 +1,19 @@
|
||||
import { NextRequest, NextResponse } from 'next/server'
|
||||
import pool from '@/lib/db'
|
||||
import { validateAdminSecret } from '@/lib/auth'
|
||||
|
||||
export async function GET(request: NextRequest) {
|
||||
if (!validateAdminSecret(request)) {
|
||||
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
|
||||
}
|
||||
|
||||
const { rows } = await pool.query(
|
||||
`SELECT i.id, i.email, i.name, i.company, i.status, i.last_login_at, i.login_count, i.created_at,
|
||||
(SELECT COUNT(*) FROM pitch_audit_logs a WHERE a.investor_id = i.id AND a.action = 'slide_viewed') as slides_viewed,
|
||||
(SELECT MAX(a.created_at) FROM pitch_audit_logs a WHERE a.investor_id = i.id) as last_activity
|
||||
FROM pitch_investors i
|
||||
ORDER BY i.created_at DESC`
|
||||
)
|
||||
|
||||
return NextResponse.json({ investors: rows })
|
||||
}
|
||||
68
pitch-deck/app/api/admin/invite/route.ts
Normal file
68
pitch-deck/app/api/admin/invite/route.ts
Normal file
@@ -0,0 +1,68 @@
|
||||
import { NextRequest, NextResponse } from 'next/server'
|
||||
import pool from '@/lib/db'
|
||||
import { validateAdminSecret, generateToken, logAudit, getClientIp } from '@/lib/auth'
|
||||
import { sendMagicLinkEmail } from '@/lib/email'
|
||||
import { checkRateLimit, RATE_LIMITS } from '@/lib/rate-limit'
|
||||
|
||||
export async function POST(request: NextRequest) {
|
||||
if (!validateAdminSecret(request)) {
|
||||
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
|
||||
}
|
||||
|
||||
const body = await request.json()
|
||||
const { email, name, company } = body
|
||||
|
||||
if (!email || typeof email !== 'string') {
|
||||
return NextResponse.json({ error: 'Email required' }, { status: 400 })
|
||||
}
|
||||
|
||||
// Rate limit by email
|
||||
const rl = checkRateLimit(`magic-link:${email.toLowerCase()}`, RATE_LIMITS.magicLink)
|
||||
if (!rl.allowed) {
|
||||
return NextResponse.json({ error: 'Too many invites for this email. Try again later.' }, { status: 429 })
|
||||
}
|
||||
|
||||
const normalizedEmail = email.toLowerCase().trim()
|
||||
|
||||
// Upsert investor
|
||||
const { rows } = await pool.query(
|
||||
`INSERT INTO pitch_investors (email, name, company)
|
||||
VALUES ($1, $2, $3)
|
||||
ON CONFLICT (email) DO UPDATE SET
|
||||
name = COALESCE(EXCLUDED.name, pitch_investors.name),
|
||||
company = COALESCE(EXCLUDED.company, pitch_investors.company),
|
||||
status = CASE WHEN pitch_investors.status = 'revoked' THEN 'invited' ELSE pitch_investors.status END,
|
||||
updated_at = NOW()
|
||||
RETURNING id, status`,
|
||||
[normalizedEmail, name || null, company || null]
|
||||
)
|
||||
|
||||
const investor = rows[0]
|
||||
|
||||
// Generate magic link
|
||||
const token = generateToken()
|
||||
const ttlHours = parseInt(process.env.MAGIC_LINK_TTL_HOURS || '72')
|
||||
const expiresAt = new Date(Date.now() + ttlHours * 60 * 60 * 1000)
|
||||
|
||||
await pool.query(
|
||||
`INSERT INTO pitch_magic_links (investor_id, token, expires_at)
|
||||
VALUES ($1, $2, $3)`,
|
||||
[investor.id, token, expiresAt]
|
||||
)
|
||||
|
||||
// Build magic link URL
|
||||
const baseUrl = process.env.PITCH_BASE_URL || 'https://pitch.breakpilot.ai'
|
||||
const magicLinkUrl = `${baseUrl}/auth/verify?token=${token}`
|
||||
|
||||
// Send email
|
||||
await sendMagicLinkEmail(normalizedEmail, name || null, magicLinkUrl)
|
||||
|
||||
await logAudit(investor.id, 'magic_link_sent', { email: normalizedEmail }, request)
|
||||
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
investor_id: investor.id,
|
||||
email: normalizedEmail,
|
||||
expires_at: expiresAt.toISOString(),
|
||||
})
|
||||
}
|
||||
26
pitch-deck/app/api/admin/revoke/route.ts
Normal file
26
pitch-deck/app/api/admin/revoke/route.ts
Normal file
@@ -0,0 +1,26 @@
|
||||
import { NextRequest, NextResponse } from 'next/server'
|
||||
import pool from '@/lib/db'
|
||||
import { validateAdminSecret, revokeAllSessions, logAudit } from '@/lib/auth'
|
||||
|
||||
export async function POST(request: NextRequest) {
|
||||
if (!validateAdminSecret(request)) {
|
||||
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
|
||||
}
|
||||
|
||||
const body = await request.json()
|
||||
const { investor_id } = body
|
||||
|
||||
if (!investor_id) {
|
||||
return NextResponse.json({ error: 'investor_id required' }, { status: 400 })
|
||||
}
|
||||
|
||||
await pool.query(
|
||||
`UPDATE pitch_investors SET status = 'revoked', updated_at = NOW() WHERE id = $1`,
|
||||
[investor_id]
|
||||
)
|
||||
|
||||
await revokeAllSessions(investor_id)
|
||||
await logAudit(investor_id, 'investor_revoked', {}, request)
|
||||
|
||||
return NextResponse.json({ success: true })
|
||||
}
|
||||
Reference in New Issue
Block a user